Tag: cryptography

Using GPG to password-encrypt files

In addition to public key encryption, GPG can also be used to password encrypt files. This doesn’t use public/private key encryption but uses symmetric key ciphers like AES or CAST.  This can be useful when you simply need to use a shared secret to encrypt or decrypt a file or if you are encrypting a file to yourself for safekeeping.

Wikimedia Commons
Enigma Machine – Flickr Simon Claessen CC-BY

OpenSSL is cool and all but don’t use it to encrypt information in-situ. It’s a bad idea. OpenSSL is good for generating TLS certificates. It wasn’t intended for file encryption.

To encrypt a file named message.txt:

(more…)

Advertisements

Password Security – Primer

Passwords have always been one of the weakest links in information security. Good passwords are hard to generate and remember. Added to that it’s not good practice to use the same password for multiple sites. So one has to use completely random, reasonably long, password that contains upper and lowercase letters, numbers and special characters (phew). As if all this is not enough, several sites – like those of financial institutions – require you to change your password regularly.

All this can make it very difficult to generate, remember and maintain passwords and store passwords in a secure fashion. In this article, let’s tackle the problems with passwords one after the other.

Hopefully, I’ll cover everything that needs to be covered. If I’ve left off something, kindly point it out and I’ll edit the article to fix it as quickly as possible

(more…)